Security enhancement for short-range wireless tokens

ABSTRACT

An approach for facilitating secured use of short-range wireless tokens is disclosed. In some implementations, a short-range wireless token may be wirelessly powered based on the short-range wireless token being within a powering range of an electromagnetic field of a user device. The short-range wireless token may be configured to generate output signals while being powered. The output signals of the short-range wireless token may be disabled while the short-range wireless token continues to be powered by the electromagnetic field based on a predetermined condition determined by the short-range wireless token. The output signals of the short-range wireless token may be re-enabled based on a discontinuing of the powering of the short-range wireless token by the electromagnetic field and then a resuming of the powering of the short-range wireless token by the electromagnetic field.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is the U.S. National Phase of PCT/EP2012/005307, filedDec. 20, 2012, the content of which is incorporated herein by referencein its entirety.

FIELD OF THE DISCLOSURE

The present disclosure relates generally to short-range wireless tokensand, more specifically, to facilitating secured use of short-rangewireless tokens.

BACKGROUND

In recent years, near-field communication (NFC) tokens have beenutilized for user identification (e.g., in border control), userauthentication (e.g., for online banking services), transactionauthentication (e.g., debit/credit card payments), and/or otherauthentications. For example, customers may utilize mobile devices withan integrated NFC reader and a mobile banking application to request acommunication session with a banking service. To authenticate arequested communication session, a customer may be required tophysically bring an NFC authentication token associated with thecustomer's account in close proximity to his/her mobile device so thatthe NFC authentication token may wirelessly provide verificationinformation for authenticating the customer to the banking service.Often, however, customers may keep their mobile devices and NFCauthentication tokens together in close proximity. For example, forconvenience purposes, a customer may physically attach an NFCauthentication token to a mobile device, may keep the NFC authenticationtoken and the mobile device in the same pocket, etc. Typically, as aresult, the NFC authentication tokens remain powered and continue tooperate as usual, subjecting those customers to information exposurerisks, for instance, from malware on the mobile devices that may gainunauthorized access to information on the NFC authentication tokenswhile the NFC authentication tokens remain powered.

SUMMARY

One aspect of the disclosure relates to methods, apparatuses, and/orsystems for facilitating secured use of short-range wireless tokens. Inone implementation, a method may comprise: wirelessly powering ashort-range wireless token based on the short-range wireless token beingwithin a powering range of an electromagnetic field of a user device,the short-range wireless token configured to generate output signalswhile being powered; disabling the output signals of the short-rangewireless token while the short-range wireless token continues to bepowered by the electromagnetic field based on a predetermined conditiondetermined by the short-range wireless token; and re-enabling the outputsignals of the short-range wireless token based on a discontinuing ofthe powering of the short-range wireless token by the electromagneticfield and then a resuming of the powering of the short-range wirelesstoken by the electromagnetic field.

In another implementation, a short-range wireless token may comprise apowering module, a processor, and/or other components. The poweringmodule may be configured to cause the short-range wireless token towirelessly power based on the short-range wireless token being within apowering range of an electromagnetic field of a user device. Theprocessor may be configured to cause the short-range wireless token to:generate output signals while being powered; and disable the outputsignals while the short-range wireless token continues to be powered bythe electromagnetic field based on a predetermined condition. The outputsignals may be re-enabled based on a discontinuing of the powering ofthe short-range wireless token by the electromagnetic field and then aresuming of the powering of the short-range wireless token by theelectromagnetic field.

In another implementation, a method may comprise: wirelessly powering ashort-range wireless token based on the short-range wireless token beingwithin a powering range of an electromagnetic field of a user device,the short-range wireless token configured to generate output signalswhile being powered; disabling the output signals of the short-rangewireless token while the short-range wireless token continues to bepowered by the electromagnetic field based on a predetermined conditiondetermined by the short-range wireless token; and resetting theshort-range wireless token to re-enable the output signals based on amanipulation of the short-range wireless token, the user device, or acombination thereof.

In another implementation, a short-range wireless token may comprise apowering module, a processor, and/or other components. The poweringmodule may be configured to cause the short-range wireless token towirelessly power based on the short-range wireless token being within apowering range of an electromagnetic field of a user device. Theprocessor may be configured to cause the short-range wireless token to:generate output signals while being powered; and disable the outputsignals while the short-range wireless token continues to be powered bythe electromagnetic field based on a predetermined condition. Theshort-range wireless token may be reset to re-enable the output signalsbased on a manipulation of the short-range wireless token, the userdevice, or a combination thereof.

These and other features of the present invention, as well as themethods of operation and functions of the related elements of structureand the combination of parts and economies of manufacture, will becomemore apparent upon consideration of the following description and theappended claims with reference to the accompanying drawings, all ofwhich form a part of this specification, wherein like reference numeralsdesignate corresponding parts in the various figures. It is to beexpressly understood, however, that the drawings are for the purpose ofillustration and description only and are not intended as a definitionof the limits of the invention. As used in the specification and in theclaims, the singular form of “a”, “an”, and “the” include pluralreferents unless the context clearly dictates otherwise.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of example, and not by wayof limitation, in the figures of the accompanying drawing and in whichlike reference numerals refer to similar elements and in which:

FIG. 1 is a diagram of a system capable of facilitating secured use ofshort-range wireless tokens, in accordance with one or moreimplementations;

FIGS. 2A and 2B are diagrams illustrating events that cause powering ofa short-range wireless token by an electromagnetic field of a userdevice (e.g., a mobile device) to be discontinued and then resumed, inaccordance with one or more implementations.

FIG. 3 is a diagram of the components of a short-range wireless token,in accordance with one or more implementations;

FIG. 4 is a flowchart of a process for facilitating secured use ofshort-range wireless tokens, in accordance with one or moreimplementations;

FIG. 5 is a flowchart of another process for facilitating secured use ofshort-range wireless tokens, in accordance with one or moreimplementations; and

FIG. 6 is a flowchart of a process for facilitating detection of apredetermined condition for disabling output signals of a short-rangewireless token, in accordance with one or more implementations.

DETAILED DESCRIPTION

Examples for facilitating secured use of short-range wireless tokens aredisclosed. In the following description, for the purposes ofexplanation, numerous specific details are set forth in order to providea thorough understanding of the implementations of the invention. It isapparent, however, to one skilled in the art that the implementations ofthe invention may be practiced without these specific details or with anequivalent arrangement. In other instances, well-known structures anddevices are shown in block diagram form in order to avoid unnecessarilyobscuring the implementations of the invention.

FIG. 1 is a diagram of a system 100 capable of facilitating secured useof short-range wireless tokens, in accordance with one or moreimplementations. As discussed, customers may keep their mobile devicesand NFC authentication tokens together in close proximity by physicallyattaching an NFC authentication token to a mobile device, keeping theNFC authentication token and the mobile device in the same pocket, etc.Among other issues, such actions subject those customers to informationexposure risks since the NFC authentication tokens typically remainpowered and continue to operate as usual. As an example, malware on amobile device that is in close proximity to an NFC authentication tokenmay misuse the NFC authentication token to cause the NFC authenticationtoken to transmit verification information (e.g., signatures, one-timepasswords, etc.) and/or other information obtainable by the NFCauthentication token to one or more unauthorized entities via the mobiledevice.

To address the above issues, the system 100 may offer short-rangewireless tokens with security enhancements, discourage risky userbehaviors, and/or provide other advantages. It should be noted that,although various implementations are described with respect to secureduse of short-range wireless tokens, it is contemplated that theapproaches described herein may be utilized in other ways. It shouldalso be noted that, although various implementations are described withrespect to passive short-range wireless tokens (e.g., passive NFCtokens), it is contemplated that the approaches described herein mayapply to active short-range wireless tokens and/or other tokens (e.g.,other types of wireless tokens, non-wireless tokens, etc.). It shouldfurther be noted that, although various implementations are describedwith respect to authentication tokens, it is contemplated that theapproaches described herein may apply to other types of tokens. As usedherein, tokens may refer to cards, dongles, tags, and/or other tokens,with or without PIN protection. Short-range wireless tokens may refer totokens that communicate via NFC, Bluetooth, radio frequency (RF), and/orother short-range wireless technologies.

As shown in FIG. 1, the system 100 may include a user device 102 (ormultiple user devices 102) configured to communicate with a short-rangewireless token 104. For example, the user device 102 may include anintegrated token reader interface, along with a reader application 106,to communicate with the short-range wireless token 104 to obtainverification information and/or other information accessible by theshort-range wireless token 104. The user device 102 may be configured tocommunicate with a service platform 108 via the communication network110 to request access to one or more services 112 a-112 n of the serviceplatform 108.

By way of example, the short-range wireless token 104 may be wirelesslypowered based on the short-range wireless token 104 being within apowering range of an electromagnetic field of the user device 102. Theshort-range wireless token 104 may be configured to generate outputsignals while being powered. The output signals of the short-rangewireless token 104 may be disabled while the short-range wireless token104 continues to be powered by the electromagnetic field based on apredetermined condition determined by the short-range wireless token104. In certain implementations, the output signals of the short-rangewireless token 104 may be re-enabled based on a discontinuing of thepowering of the short-range wireless token 104 by the electromagneticfield and then a resuming of the powering of the short-range wirelesstoken 104 by the electromagnetic field.

For example, the user device 102 may comprise an NFC reader. Theshort-range wireless token 104 may comprise an NFC token, for instance,that is capable of interacting with the NFC reader. In one scenario, auser may utilize a mobile device to initiate a banking application toperform financial transaction with a bank via an online banking service.The banking application may, for instance, work in conjunction with theNFC reader to communicate with the short-range wireless token 104 viathe NFC token. The banking application may prompt the user to key in aPIN and bring the short-range wireless token 104 in close proximity(e.g., 4 cm or less) to the mobile device to authenticate the user touse the banking service, to authenticate a transaction with the bankingservice, etc. When the user brings the short-range wireless token 104 inclose proximity (e.g., 4 cm or less) to the mobile device, theshort-range wireless token 104 may become electrically powered by theelectromagnetic field of the mobile device. As a result, the short-rangewireless token 104 may send an Answer-to-Select (ATS) response to themobile device. The mobile device may then send one or a series ofcommands (e.g., getData→getAuthenticationCode) to the short-rangewireless token 104, which may execute the commands to provide the mobiledevice with verification information for authenticating the user, atransaction, etc.

In this scenario, after completion of the predefined series of commands(e.g., a response associated with the last command has been outputted tothe mobile device), a mute mode of the short-range wireless token 104may be activated, causing a disabling of the output signals of theshort-range wireless token 104. Thus, although the short-range wirelesstoken 104 continues to be powered by the electromagnetic field of themobile device, the short-range wireless token 104 may be prevented fromtransmitting information outside the short-range wireless token 104. Inthis way, the risk of unauthorized access of information that isaccessible via the short-range wireless token 104 may be reduced, forinstance, despite user behaviors associated with security risks (e.g.,keeping their NFC authentication tokens in close proximity to theirmobile devices).

However, upon the powering of the short-range wireless token 104 by theelectromagnetic field being discontinued and then resumed, the outputsignals of the short-range wireless token 104 may be re-enabled. Incertain implementations, the discontinuing of the powering of theshort-range wireless token 104 and then the resuming of the powering maybe based on the short-range wireless token 104 being placed outside thepowering range and then back within the powering range. In variousimplementations, the discontinuing of the powering of the short-rangewireless token 104 and then the resuming of the powering may be based onthe electromagnetic field of the mobile device being deactivated andthen reactivated. In some implementations, the re-enabling of the outputsignals may be based on a deactivating of the mute mode of theshort-range wireless token 104. The deactivating of the mute mode may,for instance, be in response to the discontinuing of the powering of theshort-range wireless token 104.

For example, FIGS. 2A and 2B are diagrams illustrating events 200, 202,204, and/or 206 that cause powering of short-range wireless token 104 byan electromagnetic field of a mobile device to be discontinued and thenresumed, in accordance with one or more implementations. As shown inFIG. 2A, event 200 depicts moving of the short-range wireless tokenand/or a mobile device 208 to place the short-range wireless token 104outside of a powering range 210 of an electromagnetic field of themobile device 208. Event 202 depicts moving of the short-range wirelesstoken 104 and/or the mobile device 208 to place the short-range wirelesstoken 104 back within the powering range 210.

In one use case, based on a predetermined condition (e.g., executions ofa particular command or command series exceed an execution thresholdnumber, a time threshold related to inactivity is reached, and/or otherpredetermined conditions) determined by the short-range wireless token104, a mute mode of the short-range wireless token 104 may be activatedby indicating the “activated” mute mode status in a global transientvariable. As indicated, the activating of the mute mode may cause theoutput signals of the short-range wireless token to become disabled. Insome scenarios, the activating of the mute mode may still allowcommunications (e.g., commands) to be received, but may prevent thecommunications from being processed. In response to event 200, theshort-range wireless token 104 may become unpowered. The short-rangewireless token 104 may, for instance, become unpowered as a result of alack of power from the mobile device 208 since the short-range wirelesstoken is no longer within the powering range 210. Subsequently, inresponse to event 202, the short-range wireless token 104 may regainpower. The short-range wireless token 104 may, for instance, regainpower from the electromagnetic field as a result of being back withinthe powering range 210. Because the “activated” mute mode status wasstored in a global transient variable, the loss of power from event 200may cause the variable to reset to a default “deactivated” state (e.g.,from “1” to “0” as a result of becoming unpowered, from “activated” to“deactivated,” etc.) so that the output signals may be re-enabled whenthe short-range wireless token 104 regains power from theelectromagnetic field.

As shown in FIG. 2B, event 204 depicts a deactivating of theelectromagnetic field of the mobile device 208. Event 206 depicts areactivating of the electromagnetic field of the mobile device 208. Inresponse to event 204, the short-range wireless token 104 may becomeunpowered. The short-range wireless token 104 may, for instance, becomeunpowered as a result of a lack of power from the mobile device 208since the mobile device 208 is no longer emitting the electromagneticfield to power the short-range wireless token. Subsequently, in responseto event 206, the short-range wireless token 104 may regain power as themobile device 208 re-emits the electromagnetic field. If, for instance,a mute mode of the short-range wireless token 104 is activated byindicating the “activated” mute mode status in a global transientvariable, the loss of power from event 204 may cause the variable toreset to a default “deactivated” state (e.g., from “1” to “0” as aresult of becoming unpowered, from “activated” to “deactivated,” etc.)so that the output signals may be re-enabled when the short-rangewireless token 104 regains power from the electromagnetic field.

In some implementations, the events 200, 202, 204, and/or 206 may beperformed by a user of the short-range wireless token 104 to cause there-enabling of the output signals of the short-range wireless token 104.Thus, users of such short-range wireless tokens 104 may perform one ormore steps to cause the discontinuing and then the resuming of thepowering of their short-range wireless tokens 104 to re-enable theoutput signals of the short-range wireless tokens 104 when their riskyuser behaviors (e.g., keeping their NFC authentication tokens in closeproximity to their mobile devices) results in the disabling of theoutput signals. Accordingly, users may be encouraged to mitigate suchuser behaviors, for instance, to avoid the inconvenience of having toeffectuate the discontinuing and then the resuming of the powering oftheir short-range wireless tokens 104 in order to re-enable the outputsignals of the short-range wireless tokens 104.

In various implementations, the short-range wireless token 104 may bereset to re-enable the output signals based on a manipulation of theshort-range wireless token 104, the user device 102, or a combinationthereof. By way of example, the short-range wireless token 104 mayinclude a reset switch for re-enabling the output signals. In one usecase, a user of the short-range wireless token 104 may press the resetswitch to cause the short-range wireless token 104 to reboot. The rebootmay include a discontinuing and then a resuming of the powering of theshort-range wireless token 104. The discontinuing and then the resumingof the powering of the short-range wireless token 104 may, for instance,cause an activated mute mode of the short-range wireless token 104 to bedeactivated, resulting in a re-enabling of the output signals of theshort-range wireless token 104. In another use case, pressing of thereset switch may change a mute mode status of the short-range wirelesstoken 104 from “activated” to “deactivated,” resulting in a re-enablingof the output signals. For example, if the short-range wireless token104 is configured to retain the mute mode status even after adiscontinuing of the powering, the reset switch may be utilized todeactivate an activated mute mode of the short-range wireless token 104.The deactivating of the mute mode may, for instance, result in there-enabling of the output signals of the short-range wireless token 104.

By way of another example, the user device 102 may include a resetswitch for re-enabling the output signals. In one scenario, a user ofthe user device 102 may press the reset switch to cause a short-rangewireless interface (e.g., an NFC reader that emits the electromagneticfield) of the user device 102 to reboot. The reboot may include adeactivating and a reactivating of the electromagnetic field emitted bythe user device 102 (e.g., the deactivating and the reactivating of theelectromagnetic field of the mobile device 208 that are illustrated byevents 204 and 206 of FIG. 2B). Thus, the reboot of the short-rangewireless interface of the user device 102 may cause a discontinuing anda resuming of the powering of the short-range wireless token 104 by theelectromagnetic field of the user device 102. As indicated, thediscontinuing and the resuming of the powering may result in are-enabling of the output signals of the short-range wireless token 104.

As indicated, in certain implementations, the disabling of the outputsignals of the short-range wireless token may be based on a number ofpredetermined conditions. The predetermined conditions may, forinstance, trigger the disabling of the output signals to reduce accessof information via the short-range wireless token 104 by malware, todiscourage risky user behavior, and/or provide other benefits. Forexample, in one implementation, the short-range wireless token 104 mayreceive a request by the user device 102 for verification information toestablish a session between the user device 102 and a network service.The short-range wireless token 104 may initiate execution of one or morepredetermined commands to provide the verification information to theuser device 102. In some implementations, the predetermined conditionfrom which a disabling of the output signals of the short-range wirelesstoken 104 is based may include the execution of the predeterminedcommands being completed a predetermined threshold number of times.

In one use case, a predefined series of commands (e.g.,getData→getAuthenticationCode) may be utilized by the short-rangewireless token 104 to generate the verification information requested bythe user device 102. If, for instance, the predetermined thresholdexecution number is set to “1,” the mute mode of the short-rangewireless token may be activated upon completing execution of thepredefined series of commands (e.g., a response associated with the lastcommand has been outputted to the user device 102), resulting in adisabling of the output signals of the short-range wireless token 104.Thus, based on the predetermined threshold execution number being “1,”the short-range wireless token 104 may be restricted to executing thepredefined series of commands once per powering of the short-rangewireless token 104.

In another implementation, the short-range wireless token 104 may detecta passage of a predetermined time duration after a triggering event. Thetriggering event may, for instance, include detection of theelectromagnetic field of the user device 102 (e.g., by the short-rangewireless token 104), receipt of a command from the user device 102,sending of a response by the short-range wireless token 104 to the userdevice 102, setup of a session between the user device 102 and theshort-range wireless token 104, and/or other events. For example, if thefirst command (e.g., getData) of a predefined series of commands (e.g.,getData→getAuthenticationCode) has not been executed within 7 seconds ofthe electromagnetic field detection or of the ATS response being sent tothe user device 102, the mute mode of the short-range wireless token 104may be activated to disable the output signals of the short-rangewireless token 104.

In another implementation, the short-range wireless token 104 may detectan indication of a security violation. In some implementations, thepredetermined condition may include the detection of the securityviolation indication. In one scenario, the short-range wireless token104 may be protected with a PIN such that the user device 102 mayauthenticate a session between the user device 102 and the short-rangewireless token by providing a PIN associated with the short-rangewireless token 104 to the short-range wireless token 104 during setup ofthe session. If, for instance, malware on the user device 102 attemptsto initiate a session with the short-range wireless token 104 using anincorrect PIN, the mute mode of the short-range wireless token 104 maybe activated to disable the output signals of the short-range wirelesstoken 104. In another scenario, a user may authenticate a sessionbetween the user device 102 and the short-range wireless token 104 byentering a PIN associated with the short-range wireless token 104 (e.g.,when prompted, before requesting the session via an application on theuser device 102, etc.). However, if the number of times that the userenters an incorrect PIN exceeds a predetermined threshold number ofattempts, the mute mode of the short-range wireless token 104 may beactivated to disable the output signals of the short-range wirelesstoken 104.

In another implementation, the short-range wireless token 104 may detecta deviation from one or more predetermined ranges of the short-rangewireless token 104 with respect to available power, temperature,electromagnetic field strength, or a combination thereof. In someimplementations, the predetermined condition may include the detectionof the deviation from the predetermined ranges of the short-rangewireless token 104. In one use case, a sudden increase in theelectromagnetic field strength during a session between the user device102 and the short-range wireless token 104 may indicate that anotherdevice (e.g., belonging to an eavesdropper) is attempting to accessinformation from the short-range wireless token 104. Thus, the suddenincrease in the electromagnetic field strength may trigger the mute modeof the short-range wireless token 104 to be activated, resulting in adisabling of the output signals of the short-range wireless token. Inanother scenario, the short-range wireless token 104 may be configuredto work with user devices 102 that emit an electromagnetic field thatsatisfies one or more predetermined standards (e.g., strength,frequency, and/or other criteria). For example, if an electromagneticfield emitted by a mobile device does not fall within a range of thepredetermined standards, the mute mode of the short-range wireless token104 may be activated to prevent the short-range wireless token 104 fromworking with that particular mobile device (e.g., via disabling of theoutput signals of the short-range wireless token 104).

In another implementation, the short-range wireless token 104 maycomprise an NFC token (e.g., passive NFC token, active NFC token, etc.).The user device 102 may comprise an NFC reader, for instance, that isconfigured to interact with the NFC token. It should be noted that,although certain implementations are described with respect to NFCtechnologies, it is contemplated that the approaches described hereinmay be applied using other wireless technologies.

The communication network 110 of system 100 may include one or morenetworks such as a data network, a wireless network, a telephonynetwork, and/or other communication networks. It is contemplated thatthe data network may be any local area network (LAN), metropolitan areanetwork (MAN), wide area network (WAN), a public data network (e.g., theInternet), short range wireless network, and/or any other suitablepacket-switched network. The wireless network may, for example, be acellular network and may employ various technologies including enhanceddata rates for global evolution (EDGE), general packet radio service(GPRS), global system for mobile communications (GSM), Internet protocolmultimedia subsystem (IMS), universal mobile telecommunications system(UMTS), etc., as well as any other suitable wireless medium (e.g.,worldwide interoperability for microwave access (WiMAX), Long TermEvolution (LTE) networks, code division multiple access (CDMA), widebandcode division multiple access (WCDMA), wireless fidelity (WiFi),wireless LAN (WLAN), Bluetooth, Internet Protocol (IP) data casting,satellite, mobile ad-hoc network (MANET), etc.).

The user device 102 may be any type of mobile terminal, fixed terminal,and/or other device. For example, the user device 102 may include adesktop computer, a notebook computer, a netbook computer, a tabletcomputer, a smartphone, a navigation device, an electronic book device,a gaming device, a point-of-sale (POS) device, an automated tellermachine (ATM), and/or any other user device. In some implementations,the user device 102 may be the accessories and peripherals of thesedevices. It is also contemplated that the user device 102 may supportany type of interface to the user (such as “wearable” circuitry, etc.).

FIG. 3 is a diagram of the components of a short-range wireless token104, in accordance with one or more implementations. By way of example,the short-range wireless token 104 may include one or more componentsfor facilitating its secured use. It is contemplated that the operationsof these components may be combined in one or more components orperformed by other components of equivalent functionality. In oneimplementation, the short-range wireless token 104 may include aprocessor 302, a powering module 304, a communication module 306, anoutput signal control module 308, a session module 310, a sensor module312, a reset module 314, and/or other modules.

The processor 302 may include and/or have access to one or moreelectronic storage media to store information. The processor 302 mayexecute one or more modules (e.g., computer program modules and/or othermodules) of the short-range wireless token 104 to facilitate one or moreoperations of the modules. For example, in some implementations, theprocessor 302 may interact with the powering module 304 to cause theshort-range wireless token 104 to wirelessly power based on detectingthat the short-range wireless token 104 is within a powering range of anelectromagnetic field of the user device 102. In one implementation, thepowering module 304 may verify whether the short-range wireless token104 may be powered by the electromagnetic field of the user device 102before allowing the supply of power from the electromagnetic field toreach other components of the short-range wireless token 104 (e.g., toavoid shorting other components of the short-range wireless token 104,to restrict the powering of the short-range wireless token 104 tocertain user devices 102 that satisfy a particular standards set, etc.).

In certain implementations, the powering module 304 may include apowering circuit that may be configured to automatically power theshort-range wireless token 104 based on the short-range wireless token104 being within the powering range of the electromagnetic field of theuser device 102. In one use case, the powering circuit may include oneor more inductors and/or other components that derive current from theelectromagnetic field to power the short-range wireless token 104 (e.g.,without direction from a computer program module, based on instructionsof a computer program modules, etc.).

In various implementations, the processor 302 may work with thecommunication module 306 to facilitate communication with othercomponents of the short-range wireless token 104, among the othercomponents of the short-range wireless token 104, with devices externalto the short-range wireless token 104 (e.g., a mobile device), and/orother components of the system 100. As an example, the communicationmodule 306 may receive a request from the user device 102 forverification information to establish a session between the user device102 and a network service, a session to access protected information atthe user device 102, and/or other sessions (e.g., by authenticating auser, a transaction, etc.). Subsequently, the communication module 306may forward the request to the session module 310 for processing. Asanother example, the communication module 306 may generate and transmitoutput signals associated with the verification information to providethe verification information to the user device 102 in response to thegeneration of the verification information by the session module 310.

In certain implementations, the processor 302 may interact with theoutput signal control module 308 to disable output signals of theshort-range wireless token 104 based on a predetermined condition (e.g.,executions of a particular command or command series exceed an executionthreshold number, a time threshold related to inactivity is reached,and/or other predetermined conditions). For example, in response todetecting an occurrence of a predetermined condition, the output signalcontrol module 308 may activate a mute mode of the short-range wirelesstoken 104. The activating of the mute mode may, for instance, result inthe disabling of the output signals.

In some implementations, the output signals of the short-range wirelesstoken 104 may be re-enabled based on a discontinuing and then a resumingof the powering of the short-range wireless token by the electromagneticfield of the user device 102. By way of example, upon the discontinuingof the powering, the mute mode of the short-range wireless token 104 maybe deactivated as a result of the loss of power associated with theshort-range wireless token 104. Subsequently, upon the resuming of thepowering and the short-range wireless token 104 regaining power, theoutput signals of the short-range wireless token 104 may be re-enabled.In one implementation, the output signal control module 308 mayeffectuate the deactivating of the mute mode of the short-range wirelesstoken to cause re-enabling of the output signals. For example, if the“activated” status of the mute mode continues to persist upon thediscontinuing of the powering by the electromagnetic field (e.g., theshort-range wireless token 104 remains powered, the “activated” statusis saved in a non-transient variable, etc.), the output signal controlmodule 308 may change the “activated” status to a “deactivated” statusupon detecting the discontinuing and then the resuming of the poweringby the electromagnetic field.

In certain implementations, the processor 302 may utilize the sessionmodule 310 to initiate setup of a session between the user device 102and the short-range wireless token 104, to process requests forverification information to authenticate a user or a transaction, and/orto perform other session-related operations. For example, upon receivinga verification information request, the session module 310 may initiateexecution of one or more predetermined commands to generate theverification information so that the verification information may beprovided to a requesting device (e.g., the user device 102). In oneimplementation, the session module 310 may keep track of the number ofexecutions of the predetermined commands that has completed, forinstance, since the last re-enabling of the output signals of theshort-range wireless token 104, the last reset of the short-rangewireless token 104, the last resuming of the powering of the short-rangewireless token 104, etc. Upon a threshold execution number being exceed,for instance, the session module 310 may indicate to the output signalcontrol module 308 to activate the mute mode of the short-range wirelesstoken 104 to cause disabling of the output signals of the short-rangewireless token 104.

In various implementations, the processor 302 may utilize the sensormodule 312 to determine sensor information. In one scenario, the sensormodule 312 may be utilized to detect a deviation from one or morepredetermined ranges of the short-range wireless token 104 with respectto available power, temperature, electromagnetic field strength, and/orother environmental variables. Such deviations may, for instance, causethe sensor module 312 to trigger the output signal control module 308 toactivate the mute mode of the short-range wireless token 104 to causedisabling of the output signals of the short-range wireless token 104.

In some implementations, the processor 302 may utilize the reset module314 to reset the short-range wireless token 104. The reset module 314may, for instance, reset the short-range wireless token 104 based on amanipulation of the short-range wireless token 104, the user device 102,and/or other devices. In one use case, for instance, the short-rangewireless token 104 may include a reset switch for re-enabling the outputsignals. When the reset switch is pressed by a user, the reset module314 may cause the short-range wireless token 104 to reboot. The rebootmay include a discontinuing and then a resuming of the powering of theshort-range wireless token 104. The discontinuing and then the resumingof the powering of the short-range wireless token 104 may, for instance,cause an activated mute mode of the short-range wireless token 104 to bedeactivated, resulting in a re-enabling of the output signals of theshort-range wireless token 104.

FIG. 4 is a flowchart of a process for facilitating secured use ofshort-range wireless tokens, in accordance with one or moreimplementations. The operations of process 400 presented below areintended to be illustrative. In some implementations, process 400 may beaccomplished with one or more additional operations not described,and/or without one or more of the operations discussed. Additionally,the order in which the operations of process 400 are illustrated in FIG.4 and described below is not intended to be limiting.

At an operation 402, the short-range wireless token 104 may be poweredbased on the short-range wireless token 104 being within a poweringrange of an electromagnetic field of the user device 102. The poweringrange may, for instance, be any range capable of powering theshort-range wireless token 104 by the electromagnetic field of the userdevice 102 such that the short-range wireless token 104 is enabled tocommunicate wirelessly with the user device 102 based on the powering bythe electromagnetic field. However, in some implementations, thepowering range may be 4 cm or less and/or other similar ranges.Operation 402 may be performed by a powering module that is the same asor similar to powering module 304, in accordance with one or moreimplementations.

At an operation 404, output signals may be generated by the short-rangewireless token 104 while the short-range wireless token 104 is beingpowered. By way of example, execution of one or more predeterminedcommands may be executed at the short-range wireless token 104 togenerate verification information for establishing a session (e.g., asession between user device 102 and a network service, a session foraccessing information on the user device 102, and/or other sessions).The verification information may, for instance, include authenticationinformation to authenticate a user, a transaction, etc. Output signalscorresponding to the verification information may be generated so thatthe verification information may be provided to user device 102 toestablish the session. Operation 404 may be performed by a communicationmodule that is the same as or similar to communication module 306, inaccordance with one or more implementations.

At an operation 406, a determination of whether a predeterminedcondition has occurred may be effectuated. For example, thepredetermined condition may include: (1) execution of one or morepredetermined commands to provide verification information to the userdevice 102 being completed a predetermined threshold number of times;(2) detection of a passage of a predetermined time duration after atriggering event; (3) detection of an indication of a securityviolation; (4) detection of a deviation from one or more predeterminedranges of the short-range wireless token 104 with respect to availablepower, temperature, electromagnetic field strength, or a combinationthereof; and/or (5) other predetermined conditions. Operation 406 may beperformed by a session module and/or a sensor module that is the same asor similar to session module 310 and/or sensor module 312, in accordancewith one or more implementations. Responsive to a determination that thepredetermined condition has occurred, process 400 may proceed to anoperation 408.

At operation 408, the short-range wireless token 104 may be poweredbased on the short-range wireless token 104 being within a poweringrange of an electromagnetic field of the user device 102. In someimplementations, a mute mode of the short-range wireless token 104 maybe activated based on the predetermined condition to cause the disablingof the output signals. Operation 408 may be performed by a output signalcontrol module that is the same as or similar to output signal controlmodule 308, in accordance with one or more implementations.

At an operation 410, the output signals of the short-range wirelesstoken 104 may be re-enabled based on a discontinuing of the powering ofthe short-range wireless token 104 by the electromagnetic field and thena resuming of the powering of the short-range wireless token 104 by theelectromagnetic field. In various implementations, the re-enabling ofthe output signals may be based on a deactivating of the mute mode thatis in response to the discontinuing of the powering of the short-rangewireless token 104. In some implementations, the discontinuing of thepowering of the short-range wireless token 104 and then the resuming ofthe powering may be based on the short-range wireless token 104 beingplaced outside the powering range and then back within the poweringrange. In certain implementations, the discontinuing of the powering ofthe short-range wireless token 104 and then the resuming of the poweringmay be based on the electromagnetic field of the user device 102 beingdeactivated and then reactivated. Operation 410 may be performed by aoutput signal control module that is the same as or similar to outputsignal control module 308, in accordance with one or moreimplementations. As indicated, in some implementations, the short-rangewireless token 104 may be configured such that the output signals may bere-enabled in response the resuming of the powering of the short-rangewireless token 104 after the discontinuing of the powering causes themute mode of the short-range wireless token 104 to be deactivated.

FIG. 5 is a flowchart of another process for facilitating secured use ofshort-range wireless tokens, in accordance with one or moreimplementations. The operations of process 500 presented below areintended to be illustrative. In some implementations, process 500 may beaccomplished with one or more additional operations not described,and/or without one or more of the operations discussed. Additionally,the order in which the operations of process 500 are illustrated in FIG.5 and described below is not intended to be limiting.

As shown, operations 502, 504, 506, and/or 508 may be the same as orsimilar to operations 402, 404, 406, and/or 408, in accordance with oneor more implementations. Thus, in some implementations, operations 502,504, 506, and/or 508 may be performed by a powering module, acommunication module, an output signal control module, a session module,and/or a sensor module that are the same as or similar to poweringmodule 304, communication module 306, output signal control module 308,session module 310, and/or sensor module 312.

At an operation 510, the short-range wireless token 104 may be reset tore-enable the output signals based on a manipulation of short-rangewireless token 104, the user device 102, or a combination thereof. Byway of example, the short-range wireless token 104 may include aphysical reset switch that may be triggered by a user of short-rangewireless token 104. The short-range wireless token 104 may, forinstance, be reset to enable the output signals in response to thetriggering of the physical reset switch on the short-range wirelesstoken 104 by the user. Operation 510 may be performed by a reset modulethat is the same as or similar to reset module 314, in accordance withone or more implementations. As indicated, in some implementations, theshort-range wireless token 104 may be configured such that the resettingof the short-range wireless token may cause the discontinuing of thepowering of the short-range wireless token 104. The discontinuing of thepowering may, for instance, cause the mute mode of the short-rangewireless token 104 to become deactivated such that the output signalsmay be re-enabled upon the resuming of the powering of short-rangewireless token 104.

FIG. 6 is a flowchart of a process for facilitating detection of apredetermined condition for disabling output signals of a short-rangewireless token, in accordance with one or more implementations. Theoperations of process 600 presented below are intended to beillustrative. In some implementations, process 600 may be accomplishedwith one or more additional operations not described, and/or without oneor more of the operations discussed. Additionally, the order in whichthe operations of process 600 are illustrated in FIG. 6 and describedbelow is not intended to be limiting.

At operation 602, a determination of whether executions of one or morepredetermined commands have exceeded a threshold number of executionsmay be effectuated. In some implementations, the short-range wirelesstoken 104 may receive a request by the user device 102 for verificationinformation to authenticate a user, a transaction, or a combinationthereof. Execution of the predetermined commands may be initiated toprovide the verification information to the user device 102. Uponcompletion of the execution of the predetermined commands, for instance,the determination of whether the threshold execution number has beenexceeded may be effectuated. Operation 602 may be performed by a sessionmodule that is the same as or similar to session module 310, inaccordance with one or more implementations. Responsive to adetermination that the threshold execution number has been exceeded,process 600 may proceed to operation 408 of FIG. 4 and/or operation 508of FIG. 5.

At operation 604, a determination of whether a time threshold has beenexceeded may be effectuated. In certain implementations, a timer may beinitiated in response to a triggering event. The triggering event may,for instance, include detection of the electromagnetic field of the userdevice 102 (e.g., by the short-range wireless token 104), receipt of acommand from the user device 102, sending of a response by theshort-range wireless token 104 to the user device 102, setup of asession between the user device 102 and the short-range wireless token104, and/or other events. The determination of whether the timethreshold has been exceeded may be based on the passage of timeindicated by the timer. Operation 604 may be performed by a sessionmodule that is the same as or similar to session module 310, inaccordance with one or more implementations. Responsive to adetermination that the time threshold has been exceeded, process 600 mayproceed to operation 408 of FIG. 4 and/or operation 508 of FIG. 5.

At operation 606, a determination of whether an indication of a securityviolation has been detected may be effectuated. A security violationmay, for instance, be indicated where attempted access of theshort-range wireless token 104 has failed a predetermined thresholdnumber of times, where incorrect PINs have been used to attempt theaccess of the short-range wireless token 104, and/or in other scenarios.Operation 606 may be performed by a session module that is the same asor similar to session module 310, in accordance with one or moreimplementations. Responsive to a determination that the securityviolation indication has been detected, process 600 may proceed tooperation 408 of FIG. 4 and/or operation 508 of FIG. 5.

At operation 608, a determination of whether a deviation from one ormore predetermined ranges of the short-range wireless token 104 has beendetected may be effectuated. The predetermined ranges of short-rangewireless token may, for instance, be with respect to available power,temperature, electromagnetic field strength, or a combination thereof.Operation 608 may be performed by a session module that is the same asor similar to session module 310, in accordance with one or moreimplementations. Responsive to a determination that the deviation fromthe predetermined ranges of the short-range wireless token 104 has beendetected, process 600 may proceed to operation 408 of FIG. 4 and/oroperation 508 of FIG. 5.

With respect to FIGS. 4, 5, and 6, in various implementations, one ormore operations of processes 400, 500, and/or 600 may be implemented inone or more processing devices (e.g., a digital processor, an analogprocessor, a digital circuit designed to process information, an analogcircuit designed to process information, a state machine, and/or othermechanisms for electronically processing information). The one or moreprocessing devices may include one or more devices executing some or allof the operations of processes 400, 500, and/or 600 in response toinstructions stored electronically on an electronic storage medium. Theone or more processing devices may include one or more devicesconfigured through hardware, firmware, and/or software to bespecifically designed for execution of one or more of the operations ofprocesses 400, 500, and/or 600.

Although the present invention has been described in detail for thepurpose of illustration based on what is currently considered to be themost practical and preferred implementations, it is to be understoodthat such detail is solely for that purpose and that the invention isnot limited to the disclosed implementations, but, on the contrary, isintended to cover modifications and equivalent arrangements that arewithin the spirit and scope of the appended claims. For example, it isto be understood that the present invention contemplates that, to theextent possible, one or more features of any implementation can becombined with one or more features of any other implementation.

What is claimed is:
 1. A method for facilitating secured use ofshort-range wireless tokens, the method comprising: wirelessly poweringa short-range wireless token based on the short-range wireless tokenbeing within a powering range of an electromagnetic field of a userdevice, the short-range wireless token configured to generate outputsignals while being powered; disabling the output signals of theshort-range wireless token while the short-range wireless tokencontinues to be powered by the electromagnetic field based on apredetermined condition determined by the short-range wireless tokensuch that the short-range wireless token is prevented from re-enablingthe output signals for at least as long as the short-range wirelesstoken continues to be powered by the electromagnetic field; andre-enabling the output signals of the short-range wireless token basedon a discontinuing of the powering of the short-range wireless token bythe electromagnetic field and then a resuming of the powering of theshort-range wireless token by the electromagnetic field.
 2. The methodof claim 1, further comprising: activating a mute mode of theshort-range wireless token based on the predetermined condition to causethe disabling of the output signals by setting the mute mode asactivated in a transient variable based on the predetermined condition,wherein the re-enabling of the output signals is based on a deactivatingof the mute mode that is in response to the discontinuing of thepowering of the short-range wireless token.
 3. The method of claim 1,wherein the discontinuing of the powering of the short-range wirelesstoken and then the resuming of the powering is based on the short-rangewireless token being placed outside the powering range and then backwithin the powering range.
 4. The method of claim 1, wherein thediscontinuing of the powering of the short-range wireless token and thenthe resuming of the powering is based on the electromagnetic field ofthe user device being deactivated and then reactivated.
 5. The method ofclaim 1, further comprising: receiving, by the short-range wirelesstoken, a request by the user device for verification information toauthenticate a user, a transaction, or a combination thereof; andinitiating execution of one or more predetermined commands to providethe verification information to the user device, wherein thepredetermined condition includes the execution of the predeterminedcommands being completed a predetermined threshold number of times. 6.The method of claim 1, further comprising: detecting, by the short-rangewireless token, a passage of a predetermined time duration after atriggering event, wherein the predetermined condition includes thedetection of the passage of the predetermined time duration.
 7. Themethod of claim 1, further comprising: detecting, by the short-rangewireless token, an indication of a security violation, wherein thepredetermined condition includes the detection of the security violationindication.
 8. The method of claim 1, further comprising: detecting, bythe short-range wireless token, a deviation from one or morepredetermined ranges of the short-range wireless token with respect toavailable power, temperature, electromagnetic field strength, or acombination thereof, wherein the predetermined condition includes thedetection of the deviation from the predetermined ranges of theshort-range wireless token.
 9. The method of claim 1, wherein theshort-range wireless token comprises a near-field communication (NFC)token, and the user device comprises an NFC reader.
 10. A short-rangewireless token for facilitating secured use of short-range wirelesstokens, the short-range wireless token comprising: a powering moduleconfigured to cause the short-range wireless token to be wirelesslypowered based on the short-range wireless token being within a poweringrange of an electromagnetic field of a user device; and a physicalprocessor configured to cause the short-range wireless token to:generate output signals while being powered; and disable the outputsignals while the short-range wireless token continues to be powered bythe electromagnetic field based on a predetermined condition such thatthe short-range wireless token is prevented from re-enabling the outputsignals for at least as long as the short-range wireless token continuesto be powered by the electromagnetic field, wherein the output signalsare re-enabled based on a discontinuing of the powering of theshort-range wireless token by the electromagnetic field and then aresuming of the powering of the short-range wireless token by theelectromagnetic field.
 11. The short-range wireless token of claim 10,wherein the physical processor is configured to cause the short-rangewireless token to activate a mute mode of the short-range wireless tokenbased on the predetermined condition to cause the disabling of theoutput signals by setting the mute mode as activated in a transientvariable based on the predetermined condition, wherein the outputsignals are re-enabled based on a deactivating of the mute mode that isin response to the discontinuing of the powering of the short-rangewireless token.
 12. The short-range wireless token of claim 10, whereinthe discontinuing of the powering of the short-range wireless token andthen the resuming of the powering is based on the short-range wirelesstoken being placed outside the powering range and then back within thepowering range.
 13. The short-range wireless token of claim 10, whereinthe discontinuing of the powering of the short-range wireless token andthen the resuming of the powering is based on the electromagnetic fieldof the user device being deactivated and then reactivated.
 14. Theshort-range wireless token of claim 10, wherein the physical processoris configured to cause the short-range wireless token to: receive arequest by the user device for verification information to authenticatea user, a transaction, or a combination thereof; and initiate executionof one or more predetermined commands to provide the verificationinformation to the user device, wherein the predetermined conditionincludes the execution of the predetermined commands being completed apredefined threshold number of times.
 15. The short-range wireless tokenof claim 10, wherein the physical processor is configured to cause theshort-range wireless token to detect a passage of a predetermined timeduration after a triggering event, and wherein the predeterminedcondition includes the detection of the passage of the predeterminedtime duration.
 16. The short-range wireless token of claim 10, whereinthe physical processor is configured to cause the short-range wirelesstoken to detect an indication of a security violation, and wherein thepredetermined condition includes the detection of the security violationindication.
 17. The short-range wireless token of claim 10, wherein thephysical processor is configured to cause the short-range wireless tokento detect a deviation from one or more predetermined ranges of theshort-range wireless token with respect to available power, temperature,electromagnetic field strength, or a combination thereof, and whereinthe predetermined condition includes the detection of the deviation fromthe predetermined ranges of the short-range wireless token.
 18. A methodfor facilitating secured use of short-range wireless tokens, the methodcomprising: wirelessly powering a short-range wireless token based onthe short-range wireless token being within a powering range of anelectromagnetic field of a user device, the short-range wireless tokenconfigured to generate output signals while being powered; disabling theoutput signals of the short-range wireless token while the short-rangewireless token continues to be powered by the electromagnetic fieldbased on a predetermined condition determined by the short-rangewireless token such that the short-range wireless token is preventedfrom re-enabling the output signals for at least as long as theshort-range wireless token continues to be powered by theelectromagnetic field; and resetting the short-range wireless token tore-enable the output signals based on a manipulation of the short-rangewireless token, the user device, or a combination thereof.
 19. Themethod of claim 18, wherein the short-range wireless token comprises atleast one physical processor and at least one computer program module,wherein the disabling of the output signals based on the predeterminedcondition is caused by the at least one processor executing the at leastone computer program module.
 20. The method of claim 18, wherein thepredetermined condition includes: (1) execution of one or morepredetermined commands to provide verification information to the userdevice being completed a predetermined threshold number of times; (2)detection of a passage of a predetermined time duration after atriggering event; (3) detection of an indication of a securityviolation; (4) detection of a deviation from one or more predeterminedranges of the short-range wireless token with respect to availablepower, temperature, electromagnetic field strength, or a combinationthereof or (5) a combination thereof.